tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Antony GUILLOTEAU <antony.guillot...@systeme-u.fr>
Subject Re: Rép. : SSL question
Date Wed, 05 Oct 2005 06:23:16 GMT
If you want use javax.net.ssl you must have tomcat in a version upper or egal to 5.


>>> fox_devils_wild@yahoo.co.uk 04/10/2005 18:28:59 >>>
Hi, thanks!

I've got my own TrustManager/HostnameVerifier and it works when I use Apache's
SecureWebServer and SecureXmlRpcClient. I'm not using javax.net.ssl, but
instead com.sun.net.ssl - couldn't make it work with javax.net.ssl. Is the code
below necessary for the servlet as well? Thought Tomcat has got all the
information about trusted certificates in its keystore.


--- Antony GUILLOTEAU <antony.guilloteau@systeme-u.fr> wrote:

> Many articles talk about how access https using java client throws
> HttpsURLConnection.
> 
> You must use :
>   - your own TrustManager (implements javax.net.ssl.X509TrustManager)
>   - your own KeyManager  (implements javax.net.ssl.X509KeyManager)
>   - your own HostnameVerifer(implements javax.net.ssl.HostnameVerifer)
> 
> and use this following code : 
> 
>     TrustManager[] objTrustManager = new TrustManager[] {new
> MyX509TrustManager()};
>     KeyManager[] objKeyManager = new KeyManager[] {new MyX509KeyManager()};
> 
>     SSLContext sc = SSLContext.getInstance("SSL");
>     sc.init(objKeyManager, objTrustManager, new SecureRandom());
> 
>     SSLSocketFactory objSocketFactory = sc.getSocketFactory();        
>     HttpsURLConnection.setDefaultSSLSocketFactory(objSocketFactory);
> 
>     HttpsURLConnection.setDefaultHostnameVerifier(new MyHostnameVerifer());
> 
> 
>     ...
>     URL objUrl = new URL(...)
>     HttpsURLConnection objHttpsURLConnection =
> (javax.net.ssl.HttpsURLConnection) objUrl.openConnection();
> 
> I hope it's help you.
> 
> >>> fox_devils_wild@yahoo.co.uk 04/10/2005 17:54:30 >>>
> Hi
> 
> I've got a servlet which works fine when using http. But when I want to
> access
> it through https I get a certificate unknown exception. Why does
> https://localhost:8443 work in a browser but accessing my servlet (with java
> client)  not? Do I need to make my servlet SSL aware? Using another secure
> webserver works with my client. Hope someone can help.
> 
> Thanks!
> 
> 
>         
> ___________________________________________________________ 
> To help you stay safe and secure online, we've developed the all new Yahoo!
> Security Centre. http://uk.security.yahoo.com
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 



        
___________________________________________________________ 
To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre.
http://uk.security.yahoo.com

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message